The gstreamer-plugins package contains plug-ins used by the GStreamerstreaming-media framework to support a wide variety of media types.

An array indexing error was found in the GStreamer's QuickTime media fileformat decoding plug-in. An attacker could create a carefully-craftedQuickTime media .mov file that would cause an application using GStreamerto crash or, potentially, execute arbitrary code if played by a victim.(CVE-2009-0398)

All users of gstreamer-plugins are advised to upgrade to these updatedpackages, which contain a backported patch to correct this issue. Afterinstalling the update, all applications using GStreamer (such asnautilus-media) must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure that all previously-releasederrata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to usethe Red Hat Network to apply this update are available athttp://kbase.redhat.com/faq/docs/DOC-11259